Best Practices

["John" <tornado579 () gmail com>]

Hi All,

I was just wondering whether we have any web resources which will cater to
best information security practices follwed for the following departments: 

1. IT 
2. HR
3. Admin / Facilities 

I know there are standards like ISO 27001 but it does not exactly go in the
details. For e.g. If company has access control cards issued to the
employees....what are the pros and cons of this control from Risk
perspective and any other alternatives to this control etc. 

Please comment. 

Thanks.